IT Trenches

May 6, 2008  12:47 PM

Researching Network TAPs – an end to network blindness? (part 3)

Troy Tate Profile: Troy Tate

I have now gotten back around to working on this activity. In case you have forgotten what I am working on, please review part 1 and part 2.

I have ordered the Datacom Singlestream SS102 Link Aggregation Tap. I placed the order last Friday. On Monday, my supplier said that it could take more than two weeks to receive this product. I was surprised by the lead time required for this device. I was first told that it could take 4 weeks for the product to ship. I am in more of a hurry than that and was about to change to a different higher-cost product to pressure the supplier to have a quicker delivery.  The conversation seemed to have worked.

My alternative choice was the Network Instruments nTap. However, it was almost a 50% premium over the Datacom solution. The link I need to monitor is not a high speed link so I really do not need the memory buffer that NI’s equipment offers. I was just willing to consider it if I could receive and implement the solution quicker.

I will let you know how the product works and any issues I encounter during implementation.

Thanks for your time. Let’s be good network citizens together & practice safe networking!

May 2, 2008  6:26 PM

Did you see this? – Gideon’s INFOSEC list

Troy Tate Profile: Troy Tate

This site is dedicated to increasing security awareness among the general population and the technology community. The Basic Security section is focused on the average person. The Advanced Security section should be of interest to technologists, senior management and legislators. Direct access to security information makes this site unique. Within a few clicks, you should have access to what you are looking for.

The resources listed on this site are updated roughly quarterly. To keep current, consider subscribing to Gideon’s INFOSEC list. The lists’ primary focuses are security resources, security news, industry trends and vulnerabilities. Gideon’s list is low volume and “Distribution Only”.

This site does not accept sponsors or donations of any kind.

April 29, 2008  5:11 PM

I can’t get no technical (support) satisfaction

Troy Tate Profile: Troy Tate

My apologies to the Rolling Stones for munging their classic song.

How many times have you encountered a situation in your organization where something needs to be done yet either IT is not able or willing to support your business related efforts. There are lots of reasons for this to happen in the business world.

One division of our business is electronics manufacturing solutions where we assemble parts designed by the customer. I recently encountered a situation where a customer has some onsite testing gear to measure QA data on devices we manufacture for them. The testing gear was not for our engineers but for the customer. According to the supporting engineer, his IT department was not interested in supporting these test devices. So, the engineer was asking my organization to support the test hosts.

Well, our side of the story now… these test devices run linux as the operating system. My IT organization typically does not support linux because our focus is on Microsoft Windows systems. So, here’s the conundrum… who supports this engineer and his manufacturing requirements? The test hosts are owned and designed by the customer, yet the hosts are at my organization’s facility.

Tough situation for sure! Right now our answer is to do our best effort in supporting this engineer and the engineer is going to talk to his in-house IT department to see if they will support his requirements. It seems to be a shame that this engineer cannot find support from his own organization. He really could use this when in the end, these test systems are there to support the quality of his organization’s product.

What are your thoughts on this situation? Does your IT organization have to support third-party systems within your facility? If so, what protections have you put into place for your organization?

Thanks for your time. Let’s be good network citizens together & practice safe networking!

April 23, 2008  5:13 PM

Dear John…. let’s talk about Cisco

Troy Tate Profile: Troy Tate

Don’t you wish that every vendor’s competitor had something similar to the Dear John (Chambers of Cisco fame) site found here.

What would a Dear Bill (Gates) letter website look like? Well a video documentary was produced and can be found here.  Isn’t he a charming young man? A quick Google search for “Dear Bill Gates” turned up around 452,000 hits. Lots of folks writing with some very interesting perspectives. How about an entire book written as a letter to Bill Gates? Mark Hughes did just that and you can find his book on Amazon for $16.95 (ISBN 1412014719). I wonder if writing to Mr. Gates is like writing a letter to Santa Claus. You feel excited putting words to paper but then realize that there is little chance the letter will actually be read by the intended reader.

Thanks for your time. Let’s be good network citizens together & practice safe networking!

April 18, 2008  1:16 PM

Did you see this? – Georgia requires security metric reporting

Troy Tate Profile: Troy Tate

I saw this news release recently and wondered what standard metrics Georgia government agencies will be reporting and how they will be gathering the information. Are there any Georgia readers out there? How are you addressing this activity for your agency?

News Release

Gov. Perdue Signs Executive Order Strengthening Georgia’s Information Technology Security

Mar 20, 2008, News Report

Gov. Perdue today signed an executive order to protect state data by standardizing information security reporting.

“This executive order is a critical part of the larger plan I announced in December 2007 to transform the state’s technology and shore up the underpinnings we found lacking,” said Governor Sonny Perdue.  “As I stated then, technology is the foundation of a well-run, modern-day enterprise.  This action will go a long way toward addressing our security gaps and giving the state the secure IT infrastructure it requires to responsibly serve Georgia’s citizens.”


Thanks for your time. Let’s be good network citizens together & practice safe networking!

April 15, 2008  1:00 PM

VMWare Player:My ears are still ringing!

Troy Tate Profile: Troy Tate
Incident response

Wow! I didn’t know my laptop could have such loud alerts. Yesterday, I shutdown a virtual machine in VMWare’s VMPlayer application. As soon as I clicked the shutdown button in the guest OS, my laptop let out with the most amazing shriek that seems to still be ringing in my ears several hours later.

I had to actually remove power and the battery from the laptop to get the awful racket to stop. Fortunately, the machine restarted without a glitch.

I was running the Protech ONE security ISO image (this is a nice tool for security testing and education). The VMWare Player is a great tool for running an ISO image if you want to take one for a test drive. I had tried running this same ISO image in Microsoft’s VirtualPC environment but there are issues with this particular ISO and how it handles key mapping so it was just easier to change to VMWare’s Player.

However, now my ears are ringing because of the incredibly loud beeping that my machine let loose when shutting down the guest OS. My laptop speakers are always turned to the lowest level possible so I really have no clue why shutting Protech ONE down would have created such a loud event. I guess I need to see if there is a way I can shutdown this environment without waking up my nearby neighbors in the company Tax department.

Have you ever used any application that performed odd startup or shutdown activities? What did you do to overcome those issues?

Thanks for your time. Let’s be good network citizens together & practice safe networking!

April 10, 2008  6:39 PM

Did you see this? – The Great SPAM diet

Troy Tate Profile: Troy Tate
Incident response

McAfee, Inc. Launches Global S.P.A.M. Experiment

Fifty Volunteers around the World Say ‘Yes’ to a Diet of Spam for 30 Days – Started April 1, 2008

McAfee, Inc. announced the launch of its global S.P.A.M. (Spammed Persistently All Month) Experiment. For the month of April, 50 participants from around the world – ranging from homemakers, government executives, and students to retirees – will surf the Web, make online purchases and register for promotions. Participants have been provided with a clean laptop without spam protection and a new email address. Beginning today, they will blog about their experiences daily at this website.

S.P.A.M. Experiment participants are from ten countries spanning the globe, including Australia, Brazil, France, Germany, Italy, Mexico, the Netherlands, Spain, the United Kingdom and the United States.

Let’s be good network citizens together & practice safe networking!

April 8, 2008  2:21 PM

VoIP, IPT, QOS, COS, on and on – Oh My!

Troy Tate Profile: Troy Tate
Incident response

Well, well, well, so you want to implement voice over IP or IP telephony. You have heard it is going to give you some great cost savings and make your life easier. Hmmmm… upon further thought, the idea of implementing this technology frightens you and I totally understand why.

I have implemented VOIP at four of my sites now. One in Europe that is a small office serviced by a Cisco CallManager Express implementation. My Asian site is a full CallManager cluster solution. My two sites in North America are implemented in a different configuration yet. One of the North American sites has the CallManager cluster like Asia and the second North American site is a SRST (Survivable Remote System Telephony) managed by the other North American site.

So, as you can see, my organization has a good amount of experience in this area and I hope to share some of that with you and help you through this process if you should require this technology in your environment.

Let’s start with some of the reasons some folks say IPT should be implemented.

  • Capital investment costs: This really depends on the solution that you choose. Remember all of the necessary infrastructure elements that are required to support IPT. IPT implementations may add 30% or more in infrastructure equipment replacement or additions.
  • Voice service costs savings: The home consumer may see some cost savings (think Vonage), but the enterprise may already be receiving long distance rates in the two cents per minute or less range. However, other operational costs may offset the savings that IPT appears to offer. More to follow on other costs/issues in a future blog entry.
  • Operational savings: This may be the “real deal” when it comes to cost savings to an organization. IT becomes the owner/operator of the system as it shares the data network infrastructure and operational management.

Some future elements to follow in our discussion will include capacity planning, troubleshooting, partner selection. The volume of information to share is almost endless.

Your continued interest is greatly appreciated. Thanks for your time. Let’s be good network citizens together & practice safe networking!

April 4, 2008  1:40 PM

Did you see this? – Sandbox behavior

Troy Tate Profile: Troy Tate
Incident response

Many of our organizations use “standard” anti-virus like the Symantec, McAfee, Panda, Trend-Micro products. Virus signatures are still valuable, don’t get me wrong, but it seems like there are newer detection methods out there that are challenging this time-tested technology. Heuristics have gotten stronger. The new kid on the block now seems to be sandboxing or behavioral analysis.

An advertisement came across my desk the other day for one of these solutions that caught my eye with its tagline. The tagline read:

If a car crashes and it takes six seconds for the airbag to be released, would you feel safe? No? Then you think like us at Norman.

Hmmmm… is that challenging the old school way of doing anti-virus? What is the new way? Take a look at:

Norman Sandbox analyzer from Norman Data Defense.

Is anyone using this type of technology? What has been your experience? Does it make sense to move to something like this from the tried-true old-school signature-based anti-virus?

Let me know by adding some comments to this blog.

Thanks for your time. Let’s be good network citizens together & practice safe networking!

April 2, 2008  6:22 PM

Researching Network TAPs – an end to network blindness? (part 2)

Troy Tate Profile: Troy Tate

As expected there are several different manufacturers and models that can handle this task. The reseller I spoke with suggested three different devices from two different manufacturers.

Network Instruments nTAP – This is the particular device that initially captured my interest in this type of solution. More information can be found here

Datacom Systems Singlestream aggregation tap – More information on the 10/100 aggregation tap can be found here. Details on a gigabit tap can be found here.

The prices I received on these devices went from around $1000 to $1500 to $2000. As you can see, there are lots of choices. I have requested a demo model of the $1000 device and will see if it will meet my needs. More to come!

Thanks for your time. Let’s be good network citizens together & practice safe networking!

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: